L3D
39e94854ed
Update gitea: https://github.com/go-gitea/gitea/releases What changed: > 1.9.3 BUGFIXES Fix go get from a private repository with Go 1.13 (#8100) Strict name matching for Repository.GetTagID() (#8082) Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070) Add change title notification for issues (#8064) Run CORS handler first for /api routes (#7967) (#8053) Evaluate emojis in commit messages in list view (#8044) Fix failed to synchronize tags to releases for repository (#7990) (#7994) Fix adding default Telegram webhook (#7972) (#7992) Abort synchronization from LDAP source if there is some error (#7965) Fix deformed emoji in commit message (#8071) ENHANCEMENT Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009) > 1.9.2 BUGFIXES Fix wrong sender when send slack webhook (#7918) (#7924) Upload support text/plain; charset=utf8 (#7899) Lfs/lock: round locked_at timestamp to second (#7872) (#7875) Fix non existent milestone with 500 error (#7867) (#7873) SECURITY Fix No PGP signature on 1.9.1 tag (#7874) Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ ENHANCEMENT Fix pull creation with empty changes (#7920) (#7926) BUILD Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884) > 1.9.1 BREAKING Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752) SECURITY Be more strict with git arguments (#7715) (#7762) Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA BUGFIXES Fix local runs of ssh-requiring integration tests (#7855) (#7857) Fix hook problem (#7856) (#7754) Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846) Do not fetch all refs (#7797) (#7837) Fix duplicate call of webhook (#7824) (#7821) Enable switching to a different source branch when PR already exists (#7823) Rewrite existing repo units if setting is not included in api body (#7811) Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808) API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807) Fix Slack webhook fork message (1.9 release backport) (#7783) Fix approvals counting (#7757) (#7777) Fix rename failed when rewrite public keys (#7761) (#7769) Fix dropTableColumns sqlite implementation (#7710) (#7765) Fix repo_index_status lingering when deleting a repository (#7738) Fix milestone completness calculation when migrating (#7725) (#7732) Fixes indexed repos keeping outdated indexes when files grow too large (#7731) Skip non-regular files (e.g. submodules) on repo indexing (#7717) Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704) Correct wrong datetime format for git (#7689) (#7690) |
||
---|---|---|
defaults | ||
handlers | ||
meta | ||
molecule/default | ||
tasks | ||
templates | ||
vars | ||
.gitignore | ||
.travis.yml | ||
.yamllint | ||
LICENSE | ||
README.md | ||
requirements-travis.txt |
Ansible role gitea - Install a gitea server
This role installs and manages a gitea server - Source code & screenshots.
Gitea is a Golang Git repository webapp, having the same look and feel as GitHub.
Sample example of use in a playbook
The following have been tested with Debian 8, it should work on Ubuntu as well.
- name: "Install gitea"
hosts: all
vars:
gitea_user: "gitea"
gitea_home: "/var/lib/gitea"
# To limit your users to 30 repos
gitea_user_repo_limit: 30
# Not to make use of any CDN
gitea_offline_mode: true
# Some 'rendering' options for your URLs
gitea_http_domain: git.yourdomain.fr
gitea_root_url: https://git.yourdomain.fr
# Here we assume we are behind a reverse proxy that will
# handle https for us, so we bind on localhost:3000 using HTTP
gitea_protocol: http
gitea_http_listen: 127.0.0.1
gitea_http_port: 3000
# SSH server configuration
gitea_ssh_listen: 0.0.0.0
gitea_ssh_port: 2222
# For URLs rendering again
gitea_ssh_domain: git.yourdomain.fr
gitea_start_ssh: true
gitea_secret_key: 3sp00ky5me
gitea_disable_gravatar: true
# To make at least your first user register
gitea_disable_registration: false
gitea_require_signin: true
gitea_enable_captcha: true
gitea_show_user_email: false
roles:
- gitea
More detailed options
General
gitea_version_check
: Check if installed version !=gitea_version
before initiating binary downloadgitea_user
: UNIX user used by Giteagitea_home
: Base directory to work
Look and feel
gitea_app_name
: Displayed application namegitea_show_user_email
: Do you share emails ? (true/false)gitea_disable_gravatar
: Do you disable Gravatar ? (privacy and so on) (true/false)gitea_offline_mode
: Same but with disabling CDNs (true/false)gitea_disable_registration
: Do you disable user registration ? (true/false)gitea_show_registration_button
: Do you want to show the registration button? (true/false)gitea_require_signin
: Do you require signin to see things (even public ones) ? (true/false)gitea_enable_captcha
: Do you enable captcha ? (true/false)gitea_secret_key
: Cookie secret keygitea_internal_token
: Internal API token
Limits
gitea_user_repo_limit
: Limit how many repos your user can have (-1 for unlimited)
HTTP configuration
gitea_http_domain
: HTTP domain (displayed in your clone URLs, just the domain like git.foo.fr)gitea_root_url
: Root URL used to access your web app (full URL)gitea_protocol
: Listening protocol (http/https)gitea_http_listen
: Bind addressgitea_http_port
: Bind portgitea_disable_http_git
: Disable the use of Git over HTTP ? (true/false)
SSH configuration
gitea_ssh_listen
: Bind address for the SSH servergitea_ssh_domain
: SSH domain (displayed in your clone URLs)gitea_start_ssh
: Do you start the SSH server ? (true/false)gitea_ssh_port
: SSH bind port
Database configuration
gitea_db_type
: Database type, can bemysql
,postgres
orsqlite3
gitea_db_host
: Database host stringhost:port
gitea_db_name
: Database namegitea_db_user
: Database usernamegitea_db_password
: Database passwordgitea_db_ssl
: Use SSL ? (postgres only!). Can berequired
,disable
,verify-full
gitea_db_path
: DB path, if you usesqlite3
. The default is good enough to work though.
Mailer configuration
gitea_mailer_enabled
: Wether to enable the mailer. Default:false
gitea_mailer_skip_verify
: Skip SMTP TLS certificate verification (true/false)gitea_mailer_tls_enabled
: Enable TLS for SMTP connection (true/false)gitea_mailer_host
: SMTP server hostname and portgitea_mailer_user
: SMTP server usernamegitea_mailer_password
: SMTP server passwordgitea_mailer_from
: Sender mail address
Fail2Ban configuration
If enabled, this will deploy a fail2ban filter and jail config for Gitea as described in the Gitea Documentation.
As this will only deploy config files fail2ban has to be already installed, otherwise the role will fail.
gitea_fail2ban_enabled
: Wether to deploy the fail2ban config snippetsgitea_fail2ban_jail_maxretry
: fail2ban jailmaxretry
setting. Default:10
gitea_fail2ban_jail_findtime
: fail2ban jailfindtime
setting. Default:3600
gitea_fail2ban_jail_bantime
: fail2ban jailbantime
setting. Default:900
gitea_fail2ban_jail_action
: fail2ban jailaction
setting. Default:iptables-allports
Oauth2 provider configuration
gitea_oauth2_enabled
: Enable the Oauth2 provider (true/false)gitea_oauth2_jwt_secret
: JWT secret
Contributing
Do not hesitate to make me a pull request, and when in doubt you can reach me on Twitter @thomas_maurice.
I also would be happy to fix the issues that would be opened, or even better, review your pull requests :)
Testing
Testing uses molecule, to start the tests, install the dependencies, I would recommend you use a virtual env for that but who am I to tell you what to do.
pip install pew # install pew to manage the venvs
pew new ansible # create the venv
pip install -r requirements-travis.txt # install the requirements
molecule test # Run the actual tests
Note: you need Docker installed
Known testing limitations
As of now, it is mainly validating that the playbook runs, the lint is ok and that type of things, since it runs in Docker we have no way yet to check if the service actually is launched by systemd and so on, this has to be worked on.
License
Copyright 2019-present Thomas Maurice
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.